Title of invention: Cryptographic protocol for portable devices
Abstract: Embodiments are directed towards communicating using a mobile device that performs actions including. A mobile device may be provisioned with an access point such that a provisioning key and a provisioning token for each of the provisioned access points may be stored on the mobile device. The mobile device may be determined to be in the presence of a provisioned access point based on the provisioning key and an advertising nonce. The advertising nonce may be encrypted with the provisioning key. A communication channel between the mobile device and the access point may be established based on a session nonce, the advertising nonce, and the provisioning key. A session key may be generated based in part on the advertising nonce and a message counter. And, encrypted message packets that include a message and a message authentication tag may be communicated to the access point.
Publication number: US9197414(B1) Publication date: 2015.11.24
Application number: US201514675489 Filing date: 2015.03.31
Applicant: Nymi Inc. Inventors: Martin Karl; Vahlis Evgene
Classification: H04L29/06; H04L9/32; H04W12/02; H04W12/06; H04W4/00 Main classification: H04L29/06
Agency: Lowe Graham Jones PLLC Agent: Branch John W.; Lowe Graham Jones PLLC
Main claim: 1. A method for employing a mobile device to communicate data over a network, wherein the mobile device performs actions, comprising: enabling one or more provisioning keys to be locally stored on the mobile device and locally stored on one or more remote access points; employing an authorized authentication device (AAD) to authenticate a user of the mobile device based on one or more biometric signals; and when the user of the mobile device is authenticated, performing further actions, including: generating one or more advertising information packets based in part on a synchronized time value and one or more provisioning keys, wherein each of the one or more advertising information packets corresponds to one or more of the one or more provisioning keys; communicating the one or more advertising information packets to one or more remote access points, wherein each remote access point employs its one or more locally stored provisioning keys and its locally stored synchronized time value to generate one or more local versions of the one or more advertising information packets and compares the one or more local versions of the advertising information packets to the communicated one or more advertising information packets; and when one or more of the comparisons produces an equivalent result, providing access to the one or more remote access points that are also associated with the equivalent result.
Address: Toronto CA
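
The advertising-packet comparison in the main claim can be sketched as follows. This is an added example, not code from the patent or from Nymi; it covers only the advertising match, not the biometric authentication or the session-key steps. The claim does not name a derivation function, so HMAC-SHA256 over a 30-second time slot, the 16-byte truncation, the one-slot clock-skew tolerance and the names `adv_packet` and `match_adv` are all assumptions.

```python
import hashlib
import hmac
import struct

SLOT_SECONDS = 30   # assumed width of one synchronized-time slot
ADV_LEN = 16        # assumed truncated packet length in bytes


def adv_packet(provisioning_key: bytes, now: float) -> bytes:
    """Device side: derive the advertising packet for the current time slot."""
    slot = int(now) // SLOT_SECONDS
    mac = hmac.new(provisioning_key, b"adv" + struct.pack(">Q", slot),
                   hashlib.sha256)
    return mac.digest()[:ADV_LEN]


def match_adv(received: bytes, stored_keys: dict, now: float,
              skew_slots: int = 1):
    """Access-point side: rebuild local versions of the packet from every
    stored provisioning key and the local clock, and return the id of the
    key that produces an equivalent packet, or None if nothing matches."""
    matched = None
    for key_id, key in stored_keys.items():
        for delta in range(-skew_slots, skew_slots + 1):
            local = adv_packet(key, now + delta * SLOT_SECONDS)
            # Constant-time comparison; keep scanning all keys so timing
            # does not reveal which stored key matched.
            if hmac.compare_digest(local, received) and matched is None:
                matched = key_id
    return matched


if __name__ == "__main__":
    # Constructed sample keys and clock value, for illustration only.
    keys = {"device-A": b"\x01" * 32, "device-B": b"\x02" * 32}
    t = 1_700_000_000.0
    pkt = adv_packet(keys["device-B"], t)
    print(match_adv(pkt, keys, t + 20))    # next slot, inside the tolerance
    print(match_adv(pkt, keys, t + 300))   # stale packet, no match
```

Because the packet depends on the time slot, a captured packet stops matching once the access point's clock moves past the tolerance window, and an observer without the provisioning key cannot link packets from different slots to the same device.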